Troutman Pepper Consumer Financial Services COVID-19 Weekly Bulletin – July 2022 | Troutman pepper

Like most industries today, consumer credit services businesses continue to be significantly impacted by COVID-19. To help keep you up to date with relevant activity, below is a breakdown of some of the biggest federal and state legislative and regulatory events impacting the consumer credit services industry during the week. last :

Federal activities

State activities

Privacy and cybersecurity activities

Federal activities:

  • On June 30, the Office of the Comptroller of the Currency (OCC) released its Semi-Annual Risk Outlook for Spring 2022, which includes a discussion of the risks and suggestions banks should consider about distributed ledger technologies and digital assets. For more information, click here.

  • On June 27, the Federal Reserve Board announced the final timeline and implementation details for adopting the International Organization for Standardization (ISO) 20022 message format for its Fedwire Funds service. The Federal Reserve Board has extended the deadline for implementing a target date of November 2023 to March 10, 2025. For more information, click here.

  • On June 29, the Consumer Financial Protection Bureau (CFPB) issued an advisory opinion, saying that federal law often prohibits debt collectors from charging a “convenience fee” for certain payments when consumers wish to pay from a particular way, such as online or over the phone. . For more information, click here.

  • On June 28, the CFPB issued an interpretative rule to state agencies, informing them that the Fair Credit Reporting Act does not prevent states from enacting their own credit reporting laws. For more information, click here.

  • On June 28, the United States Chamber of Commerce released a letter, pointing out what it describes as illegal regulatory overreach on the part of the CFPB and in particular the new CFPB Director, Rohit Chopra. For more information, click here.

  • The CFPB Member Affairs Office released its annual report, detailing more than 17,000 complaints filed by military members, veterans and their families in 2021. The largest number of complaints were about incorrect information on credit reports; Closely related to the first complaint was the inability of credit reporting agencies to respond quickly and thoroughly to these complaints. For more information, click here.

State activities:

  • On June 30, New York Attorney General Letitia James obtained $400,000 from a grocery store chain for exposing the personal information of more than three million consumers nationwide, including more than 830,000 New -Yorkers. According to the press release, the grocery chain “stored consumers’ personal information in misconfigured cloud storage containers that were open, allowing hackers or others to easily access the information. The compromised data included usernames and passwords for [the grocery store’s customers’] accounts, as well as customer names, email addresses, mailing addresses, and additional data derived from driver’s license numbers. As a result of the action, the grocery chain upgraded its data security practices. For more information, click here.

  • The Northern District of Illinois recently granted the defendant banks’ motions to dismiss in an alleged wire fraud case, finding that the Illinois Uniform Commercial Code (UCC) pre-empted plaintiff’s common law claims, consumer fraud claims did not meets the enhanced pleading standard of R. 9(b), and claims under the Electronic Funds Transfer Act did not state a claim. The decision demonstrates that because UCC Section 4A governs wire transfers, plaintiffs asserting wire fraud allegations are generally limited to the relief granted under UCC Section 4A; claims under common law, consumer fraud and EFTA laws generally cannot be used to impose liability on a bank for its role in a wire transfer transaction. For more information, click here.

  • On June 29, California Attorney General Rob Bonta issued an alert to Californians whose personal information has been disclosed under the state’s Gun Dashboard portal. The “incident revealed the personal information of individuals who were granted or denied Concealment and Carrying Weapons (CCW) permits between 2011 and 2021,” according to the alert. “This unauthorized disclosure of personal information is unacceptable and falls far short of my expectations for this department,” Attorney General Rob Bonta said. “I immediately launched an investigation into how this happened at the California Department of Justice and will take strong corrective action if necessary.” For more information, click here.

  • In June, Hawaii enacted SB 2695 to create a Blockchain and Cryptocurrency Task Force, which is tasked with reporting its findings and recommendations to the legislature. For more information, click here.

  • In June, Missouri’s money laundering law was amended to include cryptocurrency, making money laundering a criminal offense if a person engages in specific financial transactions involving cryptocurrency. For more information, click here.

  • The Governor of Iowa signed HF 2443 in June, which amends Iowa’s Uniform Electronic Transactions Act to remove references to distributed ledger technology and add a new section, addressing the legal effect of distributed ledger technology and smart contracts. For more information, click here.

Privacy and cybersecurity activities:

  • On June 29, the Department of Health and Human Services (HSS) issued guidelines to protect patient privacy following the Supreme Court’s decision in deer. In general, the guidelines do two things: (1) explain how the federal government and regulations protect individuals’ private medical information (known as protected health information, or PHI) relating to abortion and other sexual and reproductive health care – clarifying that providers are not required to disclose private medical information to third parties; and (2) discusses the extent to which private medical information is protected on personal cellphones and tablets, providing guidance for protecting individuals’ privacy when using period trackers and other apps. health information. To read the full guide, click here.

  • On July 1, the California Medical Information Privacy Act went into effect, amending the Confidentiality of Medical Information Act and the Insurance Information and Privacy Protection Act regarding the privacy of medical information. Specifically, the bill requires a health plan or health insurer to respond to requests for confidential disclosure of medical information, whether it involves a situation involving sensitive services or a situation in which disclosure would put the person at risk. To read the invoice, click on here.

Stephen V. Lee